Tartarus changed the topic of #u-boot to: SOURCE MOVED TO https://source.denx.de/u-boot/u-boot.git / U-Boot v2024.10 is OUT / Merge Window is OPEN, next branch is CLOSED / Release v2025.01 is scheduled for 06 January 2025 / Channel archives at https://libera.irclog.whitequark.org/u-boot
prabhakalad has quit [Quit: Konversation terminated!]
prabhakalad has joined #u-boot
zibolo has quit [Ping timeout: 252 seconds]
zibolo has joined #u-boot
Jones42 has joined #u-boot
Jones42_ has quit [Ping timeout: 248 seconds]
jclsn has quit [Ping timeout: 265 seconds]
jclsn has joined #u-boot
goliath has quit [Quit: SIGSEGV]
mmu_man has quit [Ping timeout: 255 seconds]
mmu_man has joined #u-boot
jclsn has quit [Ping timeout: 244 seconds]
jclsn has joined #u-boot
mmu_man has quit [Ping timeout: 252 seconds]
Jones42_ has joined #u-boot
Jones42 has quit [Ping timeout: 265 seconds]
vagrantc has quit [Quit: leaving]
Wouter01002 has quit [Quit: The Lounge - https://thelounge.chat]
Wouter01002 has joined #u-boot
tec has quit [Quit: bye!]
tec has joined #u-boot
rvalue has joined #u-boot
Jones42_ has quit [Ping timeout: 252 seconds]
persmule has quit [Remote host closed the connection]
naoki has joined #u-boot
warpme has joined #u-boot
warpme has quit [Client Quit]
Stat_headcrabbed has joined #u-boot
warpme has joined #u-boot
warpme has quit [Client Quit]
mmu_man has joined #u-boot
naoki has quit [Quit: naoki]
<sjg1> marex: LeSpocky: I think updating -f auto to add hash by default should be fine
warpme has joined #u-boot
slobodan has joined #u-boot
slobodan has quit [Ping timeout: 265 seconds]
naoki has joined #u-boot
naoki has quit [Client Quit]
Jones42 has joined #u-boot
Jones42 has quit [Ping timeout: 248 seconds]
slobodan has joined #u-boot
mmu_man has quit [Ping timeout: 255 seconds]
slobodan has quit [Read error: Connection reset by peer]
slobodan has joined #u-boot
Wouter01002 has quit [Quit: The Lounge - https://thelounge.chat]
Wouter01002 has joined #u-boot
mmu_man has joined #u-boot
warpme has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
warpme has joined #u-boot
warpme has quit [Client Quit]
slobodan has quit [Changing host]
slobodan has joined #u-boot
goliath has joined #u-boot
mmu_man has quit [Ping timeout: 265 seconds]
mmu_man has joined #u-boot
glaroque has quit [Quit: Connection closed for inactivity]
warpme has joined #u-boot
Wouter01002 has quit [Quit: The Lounge - https://thelounge.chat]
Wouter01002 has joined #u-boot
persmule has joined #u-boot
edwinistrator238 has quit [Quit: The Lounge - https://thelounge.chat]
swiftgeek has joined #u-boot
edwinistrator238 has joined #u-boot
warpme has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<marex> sjg1: actually, it seems like adding a hash node to /configurations does not insert a hash there ?
<sjg1> marex: No, you cannot hash a configuration
slobodan has quit [Ping timeout: 252 seconds]
dsimic has quit [Ping timeout: 260 seconds]
dsimic has joined #u-boot
<marex> sjg1: why not ?
<marex> sjg1: what does signature do in the configuration then ? doesn't it has the node ?
<sjg1> marex: The configuration is not an image, so hashing it would have no effect. Signing the configuration hashes the nodes that to which it refers (aka the devicetree metadata). Since images have a hash node, this protects the images for change
<marex> sjg1: but you can (and should) hash the config node too ?
<marex> when signing that is
<sjg1> marex: Yes, it is hashed
<sjg1> slide 34
<sjg1> (I mean, some of it is hashed)
<marex> sjg1: so ... you can has a configuration ?
<sjg1> Well, signatures are done by hashing various bits and then signing the hash
<sjg1> But it makes no sense to add a hash node to a configuration...the hash nodes are for the data properties, and configuration nodes don't have those
<marex> sjg1: why does it make no sense ? don't the hashes allow u-boot to detect bitrot ?
<sjg1> Do the slides help?
<marex> sjg1: no ?
<marex> sjg1: the question is simple -- why does it make no sense to attach hash to configuration ? won't that prevent bitrot ?
<marex> s@prevent@allow detection@
<marex> I need coffee ...
<sjg1> If someone changes an image, the image hash will detect that. If someone changes the image hash, the configuration signature will detect that
goliath has quit [Quit: SIGSEGV]
slobodan has joined #u-boot
<marex> sjg1: I am not talking about signed fitImages, I am talking about plain hashed fitImages used during development
urja has quit [Read error: Connection reset by peer]
swiftgeek has quit [Ping timeout: 245 seconds]
<sjg1> marex: OK, but unfortunately I am lost at this point
<marex> sjg1: let me ask again then -- why can we not hash configuration node and attach a hash of it to fitImage to detect bitrot in the configuration node ?
<sjg1> what does 'attach a hash of it to fitimage' mean, in practice?
edwinistrator238 has quit [Quit: The Lounge - https://thelounge.chat]
edwinistrator238 has joined #u-boot
edwinistrator238 has quit [Client Quit]
urja has joined #u-boot
rvalue has quit [Read error: Connection reset by peer]
rvalue has joined #u-boot
edwinistrator238 has joined #u-boot
swiftgeek has joined #u-boot
mmu_man has quit [Ping timeout: 244 seconds]
mmu_man has joined #u-boot
slobodan has quit [Changing host]
slobodan has joined #u-boot
alexeymin has joined #u-boot
goliath has joined #u-boot
<marex> sjg1: it means configuration node bitrot can be detected
goliath has quit [Quit: SIGSEGV]
alexxy has quit [Quit: No Ping reply in 180 seconds.]
alexxy has joined #u-boot
slobodan has quit [Read error: Connection reset by peer]
slobodan has joined #u-boot
goliath has joined #u-boot
lehmanju has quit [Quit: The Lounge - https://thelounge.chat]
lehmanju has joined #u-boot
naoki has joined #u-boot
alexxy has quit [Quit: No Ping reply in 180 seconds.]
alexxy has joined #u-boot
mmu_man has quit [Ping timeout: 252 seconds]
mmu_man has joined #u-boot
mmu_man has quit [Ping timeout: 246 seconds]
mmu_man has joined #u-boot
slobodan has quit [Read error: Connection reset by peer]
slobodan has joined #u-boot
naoki has quit [Quit: naoki]
slobodan has quit [Ping timeout: 272 seconds]
Stat_headcrabbed has quit [Quit: Stat_headcrabbed]
mmu_man has quit [Ping timeout: 244 seconds]
mmu_man has joined #u-boot
alexxy has quit [Quit: No Ping reply in 180 seconds.]
alexxy has joined #u-boot
Forty-Bot has quit [Read error: Connection reset by peer]
goliath has quit [Quit: SIGSEGV]
goliath has joined #u-boot
Forty-Bot has joined #u-boot
ikarso has joined #u-boot
niska has quit [Ping timeout: 264 seconds]
niska has joined #u-boot
Wouter01002 has quit [Quit: The Lounge - https://thelounge.chat]
Wouter01002 has joined #u-boot
vagrantc has joined #u-boot
naoki has joined #u-boot
ikarso has quit [Quit: Connection closed for inactivity]